X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=role_edit.php;h=972d4540cb2e3e9d2f392a640e3d1a00663f664e;hb=HEAD;hp=3eb7696b0b3851ef4ef41f7d7868c86a170e4bb2;hpb=fd0872d9e582113346fa1e93557f370286c5c9f2;p=timetracker.git
diff --git a/role_edit.php b/role_edit.php
index 3eb7696b..972d4540 100644
--- a/role_edit.php
+++ b/role_edit.php
@@ -28,11 +28,9 @@
 require_once('initialize.php');
 import('form.Form');
-import('ttTeamHelper'); // TODO: remove this?
-import('ttTaskHelper'); // TODO: remove this?
 import('ttRoleHelper');
-// Access check.
+// Access checks.
 if (!ttAccessAllowed('manage_roles')) {
 header('Location: access_denied.php');
 exit();
@@ -43,6 +41,8 @@ if (!$role) {
 header('Location: access_denied.php');
 exit();
 }
+// End of access checks.
+
 $assigned_rights = explode(',', $role['rights']);
 $available_rights = array_diff($user->rights, $assigned_rights);
@@ -81,6 +81,7 @@ if ($request->isPost()) {
 // Validate user input.
 if (!ttValidString($cl_name)) $err->add($i18n->get('error.field'), $i18n->get('label.thing_name'));
 if (!ttValidString($cl_description, true)) $err->add($i18n->get('error.field'), $i18n->get('label.description'));
+ if ($cl_rank >= $user->rank || $cl_rank < 0) $err->add($i18n->get('error.field'), $i18n->get('form.roles.rank'));
 if ($err->no()) {
 $existing_role = ttRoleHelper::getRoleByName($cl_name);
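Review bot: The new rank check in the third hunk compares `$cl_rank` with loose `>=` and `<`, and the assignment of `$cl_rank` is outside the hunk, so it is not visible whether the value has been cast to an integer. If it is still the raw request string, an empty or non-numeric value is compared under PHP's string/number juggling rules, which differ between PHP 7 and PHP 8, and could pass a check whose purpose is to stop a user from giving a role a rank at or above their own. Rejecting non-integers explicitly would close that gap: `if (filter_var($cl_rank, FILTER_VALIDATE_INT) === false || $cl_rank >= $user->rank || $cl_rank < 0) $err->add($i18n->get('error.field'), $i18n->get('form.roles.rank'));`. The enclosing `if ($request->isPost())` block starts and ends outside the hunk.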